Xray 3.114.5 Cloud

Xray Release Information
Products
JFrog Xray
Content Type
Release Notes
ft:sourceType
Paligo

Released: February 26, 2025

Feature Enhancements

JFrog Curation

  • Create tickets or notifications from the system if there is a blocking action in the audit using Webhooks events. Whenever a curation process encounters a blocked package, an event is triggered and sent to the designated webhook. The event includes comprehensive details about the blocked package, such as:

    • Package Information: Identifying details of the package that was requested.

    • Requester Details: Information on the user or entity that requested the package.

    • Policy Violation: A description of the specific policy violation that resulted in the blocking of the package.

  • You can now connect repositories by package type to Curation, gaining a comprehensive overview of all curatable ecosystems in your Artifactory. Easily manage connections, view status updates for each package type, and define automatic connections for future repositories. Stay informed with notifications for any disconnections, ensuring seamless management and oversight.

Resolved Issues

Jira

Description

XRAY-98659

A “DB Error” was issued when performing a jf scan CLI command.

XRAY-95081

Vulnerabilities were incorrectly reported for a resource with .digit(s) suffix in a Docker image that had been whiteouted.

XRAY-92685

Xray failed to display build overview data correctly for builds with a "+" symbol in their name.

XRAY-95242

Artifacts were not indexed due to database corruption of child files that lacked a corresponding root file.

XRAY-96292

The scan status of .exe files was stuck.

XRAY-104815

Fixed an issue where "block" and "approve" Curation package audit events were missing from the CSV export, despite being visible in the audit UI.

XRAY-99663

Some components were missing from the SBOM table when performing the SBOM import.

XRAY-102173

  • An issue in scanning 7zip files prevented opening files using the ARM64 LZMA2:18 BCJ SPARC method.

  • When a 7zip compression file couldn’t be opened, Xray continued to process the next file

XRAY-85823

The response of API call POST xray/api/v1/violations/ignored returned an unexpected result

XRAY-101943

An SPDX report did not generate results for Release Bundles.

XRAY-95742

Xray Webhooks erroneously added violations in the scan callbacks from Policies that did not contain a specific webhook rule.

XRAY-97722

Fixed the search bar in the Git Repositories tab under Scans Lists.

XRAY-105520

In some cases, SBOM did not detect npm packages.